2014-11-29
ALT-BU-2014-3134-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2014-04-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-2855
The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
Severity: HIGH (7.8)
References:
- http://advisories.mageia.org/MGASA-2015-0065.html
- http://advisories.mageia.org/MGASA-2015-0065.html
- FEDORA-2014-5315
- FEDORA-2014-5315
- openSUSE-SU-2014:0595
- openSUSE-SU-2014:0595
- 57948
- 57948
- MDVSA-2015:131
- MDVSA-2015:131
- [oss-security] 20140414 CVE Request: rsync denial of service
- [oss-security] 20140414 CVE Request: rsync denial of service
- [oss-security] 20140415 Re: CVE Request: rsync denial of service
- [oss-security] 20140415 Re: CVE Request: rsync denial of service
- USN-2171-1
- USN-2171-1
- https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/1307230
- https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/1307230
- https://bugzilla.samba.org/show_bug.cgi?id=10551
- https://bugzilla.samba.org/show_bug.cgi?id=10551
- https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=0dedfbce2c1b851684ba658861fe9d620636c56a
- https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=0dedfbce2c1b851684ba658861fe9d620636c56a
Closed bugs
добавить unit-файлы для совместимости с systemd
Closed vulnerabilities
Published: 2014-12-01
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2013-6497
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
Severity: LOW (2.1)
References:
- http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html
- http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html
- FEDORA-2014-15473
- FEDORA-2014-15473
- FEDORA-2014-15463
- FEDORA-2014-15463
- openSUSE-SU-2014:1560
- openSUSE-SU-2014:1560
- SUSE-SU-2014:1571
- SUSE-SU-2014:1571
- SUSE-SU-2014:1574
- SUSE-SU-2014:1574
- 59645
- 59645
- 60150
- 60150
- MDVSA-2014:217
- MDVSA-2014:217
- [oss-security] 20141118 Fwd: [Clamav-devel] ClamAV(R) blog: ClamAV 0.98.5 has been released!
- [oss-security] 20141118 Fwd: [Clamav-devel] ClamAV(R) blog: ClamAV 0.98.5 has been released!
- [oss-security] 20141118 Re: Fwd: [Clamav-devel] ClamAV(R) blog: ClamAV 0.98.5 has been released!
- [oss-security] 20141118 Re: Fwd: [Clamav-devel] ClamAV(R) blog: ClamAV 0.98.5 has been released!
- 71178
- 71178
- USN-2423-1
- USN-2423-1
- USN-2488-2
- USN-2488-2
- https://bugzilla.clamav.net/show_bug.cgi?id=11088
- https://bugzilla.clamav.net/show_bug.cgi?id=11088
- https://bugzilla.redhat.com/show_bug.cgi?id=1138101
- https://bugzilla.redhat.com/show_bug.cgi?id=1138101
- clamv-cve20136497os(98804)
- clamv-cve20136497os(98804)
Closed bugs
Обновление пакетa Clamav